Emerging Threats | Intel 471 Skip to content

Emerging Threats

Hero background fallback
Update: LockBit Ransomware
Emerging Threats// Mar 17, 2025

Update: LockBit Ransomware

LockBit 4.0 continues to evolve with enhanced evasion techniques, making it a persistent threat to organizations, and Intel 471 has updated its collection with relevant Hunt Packages to support detection efforts.
Update: Black Basta Ransomware and Threat Group
Emerging Threats// Mar 05, 2025

Update: Black Basta Ransomware and Threat Group

A significant leak of internal chat logs from within Black Basta ransomware group has provided the community with a glimpse into their operations, including further information regarding their capabilities, tools and motivati...
BadPilot Campaign
Emerging Threats// Feb 26, 2025

BadPilot Campaign

The subgroup conducting BadPilot has been observed to be exploiting known vulnerabilities, such as CVE-2024-1709 (ConnectWise ScreenConnect) and CVE-2023-48788 (Fortinet FortiClient EMS), as well as abusing remote access tool...
Android trojan TgToxic updates its capabilities
Security Operations// Feb 24, 2025

Android trojan TgToxic updates its capabilities

Intel 471 mobile malware researchers recently discovered a campaign leveraging an updated version of TgToxic, an Android banking trojan. Here's an in-depth look at this malware.
DeepSeek AI poses cybersecurity risks
Threat Intelligence// Feb 07, 2025

DeepSeek AI poses cybersecurity risks

China-based DeepSeek has upended notions about AI development and prompted security concerns. Here is a briefing on DeepSeek and how cybercriminals are viewing its development.
Remote Monitoring and Management (RMM) Abuse
Emerging Threats// Jan 29, 2025

Remote Monitoring and Management (RMM) Abuse

Remote Monitoring and Management tools have been legitimately used by IT professionals, managed service providers and system administrators. However, these capabilities can be abused and exploited when in a threat actor's han...
How ransomware may trend in 2025
Cybercriminals// Malicious Actors// Jan 21, 2025

How ransomware may trend in 2025

New variants and threat actor groups kept up the tempo of ransomware attacks in 2024. Here's a look at how this type of pervasive cybercrime may trend this year.
What 2025 May Hold for Cybersecurity
Emerging Threats// Jan 08, 2025

What 2025 May Hold for Cybersecurity

Here are insights into what 2025 may hold in cybersecurity based on Intel 471’s historical analyses of trends and intelligence collection.
Salt Typhoon Threat Group
Emerging Threats// Oct 16, 2024

Salt Typhoon Threat Group

Salt Typhoon is an APT threat actor that has most recently and publicly breached the systems of major United States based telecommunication providers (specifically ISPs) in September/October of 2023
INC Ransomware
Emerging Threats// Sep 05, 2024

INC Ransomware

INC Ransomware is a malware variant that was first observed in July/August of 2023, and has since been a part of major disruptions mostly in North America and Europe.

Subscribe

Featured Resource
Intel 471 Logo 2024

AresLoader is a new loader malware-as-a-service (MaaS) offered by threat actors with links to Russian hacktivism that was spotted recently in the wild.

© 2025 Intel 471  |  Privacy Policy  |  Terms of Service  |  Legal Agreements  |  Modern Slavery and Human Trafficking Statement